Datasheet
xxviii
CiscoSecure ACS 2.3 for UNIX User Guide
78-5222-02 Rev. A0
Multiple CiscoSecure ACS Installation
CiscoSecure System Description
Multiple CiscoSecure ACS Installation
Networks that provide access at multiple locations or support large numbers of users (for example,
nationwide ISP networks that provide local dial-in login across the nation) are best supported by
multiple ACSes with an RDBMS configured to replicate changes to any local CiscoSecure profile
database to all other CiscoSecure profile database sites in the network.
Figure 2 Multiple ACSes and Replicated Proļ¬le Databases
CiscoSecure
Profile
database
The profile database contains the authentication, authorization, and accounting
information for each of your users and groups. Each CiscoSecure ACS requires a
relational database management system (RDBMS) engine installed to store,
retrieve, and maintain this information.
CiscoSecure supplies an SQLAnywhere database engine with the
CiscoSecure ACS for UNIX product; however, if you intend to support profile
databases larger than 5,000 users or a network of CiscoSecure ACSes using a
common replicated profile database for authentication, authorization, and
accounting, you must purchase and preinstall Oracle Enterprise or Sybase
Enterprise RDBMS to support your RDBMS.
CiscoSecure
workstation
console
The CiscoSecure workstation console provides web-based pages through which the
CiscoSecure profile database can be administered by the CiscoSecure system
administrator or group administrator.
Token server An optional third-party server for executing authentication of token card users
entering one-time passwords (OTPs). CiscoSecure ACS can be configured to
forward login requests from token card users for authentication by the token server.
Table 3 Basic CiscoSecure Components
Node Description